XSS vulnerabilities on book detail page